Privacy Legislation Code of Conduct

GX Software holds itself to the following "Code of Conduct in the context of privacy legislation". The following rules are based on the GDPR, the EU privacy legislation that will be in force beginning on May 25, 2018 in order to protect the privacy of all EU citizens.

The personal data to which GX Software has access will only be handled on behalf of the customer/client, subject to special legal exceptions.

GX Software will never use personal information that we have access to for any purpose(s) other than those to which we are granted.

When GX Software receives a request from a customer or party that touches on personal data, we will always verify that the request originates from the customer him- or herself or from someone who is authorized to make requests on behalf of that customer.

If personal information is irrelevant to satisfying a request, then GX Software will ask that the customer anonymize all related information (databases, log files, etc.) before handling the request.

If a request for information is clearly in violation of the law or appears to be, the senior management of GX Software will be consulted. Our default position is that "we will never help someone break the law".

It is expressly forbidden for GX Software to:

use the personal information of a customer or that of GX Software itself for private reasons.

sell the personal information of a customer or that of GX Software itself, regardless of where the proceeds from such a sale would go.

to couple the information of different customers together in any way whatsoever.

Our software is developed based on the principle of "privacy by design", that is, our software respects the privacy of our customers by default.

The advice dispensed by GX Software to others always has at its core the precept to "respect the privacy of the visitor and user".

If GX Software detects or suspects that the protection of personal information is at risk, we will immediately inform the Data Protection Officer of the customer or client. If a data breach is detected as defined in article 33 of the law, GX Software will ensure that the customer is able to report it to the Dutch Data Protection Authority within 72 hours as required by law.

We will never reveal customer information or any other sensitive details held by GX Software.

We protect our workplace, desktop computers, laptops, telephones and all other related equipment so that they cannot be used to breach the privacy of GX Software or any of our customers or clients.

Do you have further questions about the GDPR? Pose them here and we will make contact with you as soon as possible.